def test_verify():
    timestamp = 12347456
    shr = SignedHttpRequest(SIGN_KEY)
    result = shr.sign(alg=ALG, time_stamp=12347456, **TEST_DATA)
    signature = shr.verify(signature=result, **TEST_DATA)

    assert signature["ts"] == timestamp
def test_verify_not_strict(key, value, monkeypatch):
    shr = SignedHttpRequest(SIGN_KEY)
    result = shr.sign(alg=ALG, **TEST_DATA)
    monkeypatch.setitem(TEST_DATA, key, value)
    shr.verify(signature=result,
               strict_query_params_verification=False,
               strict_headers_verification=False, **TEST_DATA)
def test_verify_strict(key, value, monkeypatch):
    shr = SignedHttpRequest(SIGN_KEY)
    result = shr.sign(alg=ALG, **TEST_DATA)
    monkeypatch.setitem(TEST_DATA, key, value)
    with pytest.raises(ValidationError):
        shr.verify(signature=result,
                   strict_query_params_verification=True,
                   strict_headers_verification=True, **TEST_DATA)
    def userinfo_endpoint(self, request, **kwargs):
        access_token = self._parse_access_token(request)
        shr = SignedHttpRequest(self._get_client_public_key(access_token))
        http_signature = self._parse_signature(request)
        try:
            shr.verify(http_signature,
                       method=request["method"],
                       host=request["host"], path=request["path"],
                       query_params=request["query"],
                       headers=request["headers"],
                       body=request["body"],
                       strict_query_param_verification=True,
                       strict_headers_verification=False)
        except ValidationError:
            return self._error_response("access_denied",
                                        descr="Could not verify proof of "
                                              "possession")

        return self._do_user_info(self.access_tokens[access_token], **kwargs)
def test_verify_fail(key, value, monkeypatch):
    shr = SignedHttpRequest(SIGN_KEY)
    result = shr.sign(alg=ALG, **TEST_DATA)
    monkeypatch.setitem(TEST_DATA, key, value)
    with pytest.raises(ValidationError):
        shr.verify(signature=result, **TEST_DATA)
def test_verify_fail_wrong_key():
    shr = SignedHttpRequest(SIGN_KEY)
    result = shr.sign(alg=ALG, **TEST_DATA)
    with pytest.raises(ValidationError):
        rshr = SignedHttpRequest(SYMKey(key="wrong_key", alg="HS256"))
        rshr.verify(signature=result, **TEST_DATA)